ca-grow-ops-manager/backend/src/controllers/auth.controller.ts

import { FastifyRequest, FastifyReply } from 'fastify';

export const login = async (request: FastifyRequest, reply: FastifyReply) => {
    const { email, password } = request.body as any;

    if (!email || !password) {
        return reply.code(400).send({ message: 'Email and password required' });
    }

    const user = await request.server.prisma.user.findUnique({
        where: { email }
    });

    if (!user) {
        return reply.code(401).send({ message: 'Invalid credentials' });
    }

    // TODO: Use bcrypt.compare
    // For now (Foundation), simple check (assuming seed uses cleartext or we fix later)
    // In real app, verify passwordHash
    if (user.passwordHash !== password) {
        return reply.code(401).send({ message: 'Invalid credentials' });
    }

    const token = request.server.jwt.sign({
        id: user.id,
        email: user.email,
        role: user.role
    });

    return { token, user: { id: user.id, email: user.email, role: user.role } };
};

export const me = async (request: FastifyRequest, reply: FastifyReply) => {
    try {
        await request.jwtVerify();
        return request.user;
    } catch (err) {
        reply.send(err);
    }
};